Introduction

Refix is committed to protecting the privacy and security of our users’ data. This policy outlines our practices and commitments in relation to data protection and privacy, in compliance with the General Data Protection Regulation (GDPR).

What is GDPR?

The General Data Protection Regulation (GDPR) is a regulation enacted by the European Union (EU) that requires organizations to safeguard personal data and uphold the privacy rights of individuals in EU territory.

Refix’s GDPR Compliance

Refix is fully compliant with the GDPR framework. We are committed to:

  1. Minimizing data collection
  2. Ensuring data security
  3. Respecting user privacy
  4. Providing transparency in our data practices

Refix as a Data Controller

Refix acts as a Data Controller for the personal information provided by our customers to use our service (e.g., registration information). We do not sell personal data to third parties or use it for marketing purposes without explicit consent.

Refix as a Data Processor

When our customers use Refix to collect data about their website visitors, Refix acts as a Data Processor. We process this data according to our customers’ instructions and in compliance with GDPR. We use as minimal amount of sub-processors as possible. Here is the full list:

ServiceUsageGDPR Compliance
StripePayment processing and subscription managementLearn more
ClerkUser authentication and managementLearn more
LoopsEmail communication and marketing automationLearn more

Data We Collect

We collect minimal data to provide our service effectively:

Data PointDescription
Unique user identifierA randomly generated ID stored locally in the user’s browser to distinguish individual visitors anonymously.
Page viewsURLs of pages visited
ReferrerThe source of the visit
Device informationBrowser, operating system, screen width and device type
LocationThe user’s country, inferred from their browser’s timezone setting. No IP addresses are collected or used.
We do not use cookies or collect any personally identifiable information.

Data Storage and Security

  • All data is encrypted and stored on servers located within the European Union.
  • We use industry-standard security measures to protect your data.
  • We regularly perform backups to prevent data loss.

User Rights

Under GDPR, you have the right to:

  1. Access your personal data
  2. Rectify inaccurate personal data
  3. Erase your personal data
  4. Restrict or object to processing
  5. Data portability

To exercise these rights, please contact us at hey@refix.ai.

Data Retention

We retain data only for as long as necessary to provide our service and comply with legal obligations. Users can request deletion of their data at any time.

Google User Data Policy Addendum

Google User Data Access

Our application accesses the following Google user data through the Google Analytics API:

  • Google Analytics reports, metrics, and dimensions
  • Google Analytics account and property information
  • View (profile) data and report configurations

We access this data only after you have explicitly granted permission through Google’s OAuth 2.0 authentication process for the following scopes:

  • analytics.readonly

Use of Google User Data

Refix uses Google Analytics data solely for the following purposes:

  • Providing insights and analytics about your application performance
  • Displaying your Google Analytics data within our platform for your analysis
  • Generating recommendations and growth opportunities based on your analytics data
  • Powering our AI agent that performs deep dives on your Google Analytics data

We process this data temporarily in memory to generate insights. We do not store, cache, or copy any Google Analytics data to our databases. All analysis is performed through direct API calls with your provided OAuth tokens.

Sharing Google User Data

Refix does not share, transfer, or disclose your Google user data with any third parties.

We do not:

  • Sell Google user data to third parties
  • Use Google user data for advertising purposes
  • Transfer Google user data to data brokers
  • Combine Google user data with other datasets in ways that would reduce user privacy or control

Revoking Access

You can revoke Refix’s access to your Google Analytics data at any time by either:

Method 1: Through Google Account Settings

  1. Visiting Google Account Settings
  2. Selecting Refix from the list of connected applications
  3. Clicking “Remove Access”

Method 2: Through Refix Platform

  1. Logging into your Refix account
  2. Navigating to the “Integrations” tab
  3. Finding the Google Analytics integration
  4. Clicking “Disconnect” or “Remove Access”

Upon revocation through either method, we will immediately cease accessing your Google Analytics data and delete any cached credentials.

Changes to This Policy

We may update this policy from time to time. We will notify users of any significant changes.

Contact Us

If you have any questions about this policy or our data practices, please contact us at:

Email: hey@refix.ai

Last updated: 1st August 2024